CN103329480B - Redundancy and the system and method for fault transfer are provided - Google Patents

Redundancy and the system and method for fault transfer are provided Download PDF

Info

Publication number
CN103329480B
CN103329480B CN201180065706.0A CN201180065706A CN103329480B CN 103329480 B CN103329480 B CN 103329480B CN 201180065706 A CN201180065706 A CN 201180065706A CN 103329480 B CN103329480 B CN 103329480B
Authority
CN
China
Prior art keywords
server
diameter
mirror image
session
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201180065706.0A
Other languages
Chinese (zh)
Other versions
CN103329480A (en
Inventor
阿伦·C·亚历克斯
斯汀森·马歇尔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Cisco Technology Inc
Original Assignee
Cisco Technology Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Cisco Technology Inc filed Critical Cisco Technology Inc
Publication of CN103329480A publication Critical patent/CN103329480A/en
Application granted granted Critical
Publication of CN103329480B publication Critical patent/CN103329480B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/142Managing session states for stateless protocols; Signalling session states; State transitions; Keeping-state mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/143Termination or inactivation of sessions, e.g. event-controlled end of session
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/146Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/148Migration or transfer of sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/40Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass for recovering from a failure of a protocol instance or entity, e.g. service redundancy protocols, protocol state redundancy or protocol service redirection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M15/00Arrangements for metering, time-control or time indication ; Metering, charging or billing arrangements for voice wireline or wireless communications, e.g. VoIP
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M15/00Arrangements for metering, time-control or time indication ; Metering, charging or billing arrangements for voice wireline or wireless communications, e.g. VoIP
    • H04M15/66Policy and charging system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/24Accounting or billing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)
  • Computer And Data Communications (AREA)

Abstract

Provide and provide redundancy and the system and method for fault transfer for the server for being communicated by authentication protocol.Mirror image is initiated by the Diameter server strengthened when Diameter utility cession starts, this Diameter server provides the renewal of Diameter session continuously to one or more equity Diameter mirror image servers, and therefore keeps the active image of this session.

Description

Redundancy and the system and method for fault transfer are provided
Technical field
It relates to provide redundancy and fault transfer for the server for being communicated by authentication protocol (failover) system and method.
Background technology
In network (such as wireless network), it is desirable to distribute Internet resources according to strategy or rule. These strategies contain the such as network bandwidth, service quality (QoS) and the resource of safety (fire wall). To some type of content (such as surfing the web), postpone and packet loss may be not significantly affected by The quality of the content delivered, and effect may be inconspicuous.Yet with being delivered to mobile subscriber The type of the content of (such as cell phone, personal digital assistant (PDA) and other handheld device) Become more and more diversified to include voice-over-IP telephone (VoIP), Streaming Media and multiplayer, therefore The content of these types needs the reliable network with preset parameter to connect.For such content, prolong Slow and unordered arrival is likely more significantly.
The Web vector graphic rule with management based on strategy carrys out the network behavior of the various aspect of specification.Real The network executing management based on strategy generally uses agreement to process certification, authorization and accounting (AAA) Service.Two such agreements be remote authentication Dial-In User Service (RADIUS) and Diameter.Certification refer to the identity of entity certified and by with user record (such as honeycomb electricity The mobile subscriber record of words user) process mated.Once identifying subscriber's record, AAA takes Business device allows for application service and determines whether that user accesses some service (mandate) and remembers Record the activity (book keeping operation) of this user.One of purposes of book keeping operation is can be to provide the number being suitable for charging form According to.These agreements can be realized by the one or more servers for providing AAA to service.Diameter It is next generation protocol, the AAA selected for replacing RADIUS to be used as in next generation cellular network Method.
Summary of the invention
General introduction
Disclose the system and method for session redundancy in the cluster for providing certificate server.One In individual embodiment, a kind of system includes: memorizer, may operate to perform storage in which memory The processor of instruction, use authentication protocol to lead to the Authentication Client on the network of service supplier The network interface of letter, for carrying out the certification of hold mode for the authen session with described Authentication Client Module, and the authentication module communicated with described authentication module.Described authentication module is configured to from institute State authentication module and described Authentication Client receives certification message, by the network of described service supplier To send described certification message to certification mirror image server, and from the network of described service supplier Peer server (peer server) pond in select described certification mirror image server, wherein said instruction May operate to, by authentication protocol message, the identification information of described certification mirror image server is sent to institute State Authentication Client.
Accompanying drawing explanation
Fig. 1 is according to some embodiment, the exemplary wireless data network that uses Diameter interface Exemplary representation.
Fig. 2 according to some embodiments, have and go to the mirror image of another Diameter server The signaling diagram of the radio data network of Diameter server.
Diameter server that Fig. 3 according to some embodiment, is designed to perform mirror image and visitor The flow chart of family end.
Fig. 4 is according to some embodiment, the merit of the Diameter server being designed to execution mirror image Can block diagram.
Fig. 5-6 shows the network equipment according to some embodiment.
Detailed description of the invention
Exemplary embodiment
Provide for what the server offer redundancy for being communicated by authentication protocol and fault were shifted and be System and method.Use authentication protocol strategic server should have safely and reliably channel come for Transmit the mission critical information relevant to charging, authorize the service by client device requests and with Mobile device certification is the user authorized by the charge information record being associated.Diameter carries Supply these functions, but do not provide and can strengthen the mirror image of reliability, fault transfer and redundant ability. According to various embodiments, shown below is the method for providing these reliabilities to strengthen.
Diameter is certification, the authorization and accounting (AAA) used in communication network and wireless network Agreement.These networks have various demand, such as, occur on network that during cellular telephone subscribers, certification should Cellular telephone subscribers, uses recording rules for service to this cellular telephone subscribers charging, Yi Ji The AAA providing reliable and available in whole network services.Diameter is designed to meet these demands And it is used for replacing remote authentication Dial-In User Service (RADIUS) agreement, radius protocol Lack some desired features (such as IP mobility and policy control), and in safety, can expand Malleability and motility aspect there is also some problems.Owing to initially not envisioning RADIUS for providing base Service outside this certification, has therefore lacked the many features in these features.Various suppliers are Extend RADIUS, but this extension may often be such that proprietary and do not describes in detail.
In consideration of it, Diameter is designed to performance more than RADIUS in some respects. Transmission control protocol (TCP) and SCTP (SCTP) are appointed as transmission by it, replace UDP (UDP), and by using the Diameter of extended Diameter basic agreement Application and be extendible by bespoke.Diameter also defines policy protocol, it is allowed to single clothes Business device processes strategy for many networks and service.
When client needs certification, or other service provided by Diameter identifies suitably clothes Business device and with this server initiate Diameter request time, occur Diameter mutual.Strengthen Diameter server automatically initiates mirror image when Diameter utility cession starts, enhancing Diameter server provides Diameter session more to one or more peer server incessantly Newly, thus keep the active image of this session.Diameter client knows the ground of Diameter mirror image Location or domain name.When Diameter server breaks down, it is provided that various methods are used for activating Diameter mirror image.When provide in a network required intelligent time, can be to joining in client The method realizing in the case of changing minimum providing is provided.These methods may be provided for quick fault and turn Move, good autgmentability, and in peer server, have only to little static configuration or need not Static configuration.
By using domain name system (DNS) SRV to record or NAPTR record, Diameter allows Automatically peer (peer) is found.These are can to provide service and main frame by DNS Protocol The DNS record type that title is associated, and be generally used for supporting Session initiation Protocol (SIP) In system.
DNS SRV record or NAPTR record may serve to storage and shared Diameter equity clothes Business device information.Therefore Diameter server can automatically find the peer server on network, with These peer server can be used by it as mirror image afterwards.In certain embodiments, dns server Can be extended to specifically some Diameter server is appointed as mirror image server.
Diameter client can be by various agreements and Diameter server communication, these agreements Including datagram protocol (UDP), transmission control protocol (TCP) and SCTP (SCTP). Diameter allows each software application to use it by specifying application identifier with one group relevant (AVP) is carried out spread foundation agreement by property value.Each such protocol extension is referred to as Diameter should With.The example of Diameter application is that Diameter moves IP application, and the expansible certification of Diameter is assisted View application, and the application of Diameter Session initiation Protocol.Some AVP are also of basic agreement Point.
Diameter session is that the logic between two Diameter nodes connects, generally at Diameter Interact between client and Diameter server but it also may interact across multiple connections. When client contacts Diameter server, it provides the session id generated by client.This session It is unique with permanent that ID can be defined as globalization.Client and server is in communication further subsequently During use this session id.
Diameter session by Diameter client to Diameter server or Diameter act on behalf of (as If fruit needs message to forward) send the authentication request message comprising unique session-id and start.This is recognized Card request message utilizes for the AVP applied specific to Diameter, thus each application can use The authentication protocol extension of its own.Diameter server can include authorizing life in its response Phase (Authorization-Lifetime) AVP.In this case, after the vital stage terminates Diameter client is authorized again.If Diameter client authorization failure again, then Diameter server can go distribute (deallocate) or remove (tear down) session.Certain A little servers can use mandate vital stage AVP to notify Diameter client, is going distribution session They will wait one section of extra special time before.In the case of there is the most identical semanteme, Certain server can use session vital stage AVP in conjunction with authorizing vital stage AVP, or uses meeting Words vital stage AVP replaces mandate vital stage AVP.
The fault of the Diameter client fault of Diameter server (or in some instances) Original state ID (Origin-State-ID) AVP can be used to detect.This AVP is by sending out of asking Included by the person of sending.Basic agreement AVP monotonic increase, thus when this AVP does not increases, or when being somebody's turn to do When AVP surprisingly increases, recipient obtains malfunction warning.When Diameter server receives greatly When original state ID of original state ID previously received from network node, this Diameter services Device assume that sender of the message is already at lost condition from previous message, and all previously Movable session has been terminated.
The fault of Diameter client can also be detected by the expired of multiple intervalometers, these timings Device by Diameter server in certification vital stage AVP, certification grace period AVP and session vital stage AVP specifies.Within the time that certain is specified, fail to respond to Diameter server will cause Diameter server sends STR (session termination) message and Diameter service is distributed in removing Whole resources of the session at device.
Can fail to respond to ask conventionally to detect Diameter according to Diameter server The fault of client.By using session timeout AVP, this detection can be promoted.
Session termination request is for sequentially terminating Diameter session.When session termination request is sent Time, the Diameter server of reception removes all resources just used by this session.These requests are It is provided to preserve all sessions of state for needing Diameter server.Due to Diameter Server propagates STR request to each network of relation device, and this STR request is also to passing through only generation The server that reason accesses notifies that their Terminal Server Client occurs in that fault.
If not having any message exchange in a period of time, then any side in both sides can send and set Standby supervision asks message, and other side replies with equipment monitor and responds.For both sides this Mechanism is all available, so that it is determined that other side has occurred in that fault the most.
As specified, Diameter does not include the support shifted for mirror image or automatic fault. If only two Diameter server, and if the first Diameter server occur in that fault And stop responding Diameter request, then in some examples, its client can contact the 2nd Diameter Server checks that this second Diameter server the most just carries out mirror to the first Diameter server Picture.
There is multiple Diameter server, as being generally directed to macroreticular or service provider network Situation, each server can process a large amount of client potentially, and the most each client has perhaps The most therein each by the independent session of Diameter application authorization.May require that each mirroring service Device responds and meets the mirror request from other Diameter server all.Additionally, at one In the case of Diameter server breaks down, Diameter client the most clearly mode is come really Which server in fixed many servers just may carry out mirror image to its session data.
Table 1 below identifies on internet multimedia system (IMS) network based on Diameter Some interfaces.Identify " from " network node mark in a hurdle can comprise Diameter client End realizes device, and these Diameter client realize device and identify " going to " on this network Diameter server in hurdle realizes device communication.These interfaces have been named and by by being permitted Many 3GPP standard is the clearest and the most definite.
From Go to Interface name
S-CSCF HSS (subscriber database) Cx
S-CSCF CCF (billing function) Rf,Ro
Application function HSS Sh
Application function PCRF [policy control functions] Rx
PCRF GW[PGW/HSGW] Gx,Gxa
Application function CCF Rf
PGW 3GPP AAA S6b
MME HSS S6a
Interface based on Diameter on table 1:IMS network
Fig. 1 shows according to some embodiment, the wireless IMS data network of use Diameter Network.Fig. 1 includes subscriber equipment (UE) 110, and described UE 110 is by base station (not shown) and nothing Line access network (not shown) is connected to wireless network, and is connected to strategy and charging enforcement functionalities (PCEF) 112, policy control and charging rule functions (PCRF) 114, Proxy-Call session control Function processed (P-CSCF) 116, inquiry-CSCF (I-CSCF) 111, service-exhale It is conversation control function (S-CSCF) 120, other carrier network 122, interrupts gateway control function (BGCF) 124, MGCF (MGCF) 126, home subscriber server (HSS) 121 and application server (AS) 130.PCEF 112 can save in such as gateway GPRS service Point (GGSN), packet data gateway (PDG), grouped data IWF (PDIF), packet Data serving node/home agent (PDSN/HA) or the network of access service network (ASN) gateway Device and functionally realizing.In certain embodiments, P-CSCF 116 and policy agent can be same Realize on the network equipment of sample.Every square dotted line instruction Diameter interface, such as GX/TY, GQ/RX/TX, CX and Sh interface.In the figure, PCRF 114 and HSS 128 is Diameter Server, and PCEF 112, P-CSCF116, I-CSCF 118, S-CSCF120 and AS 130 are Diameter client.
PCEF 112 is positioned at gateway, this gateway can be GGSN, packet data gateway (PDG), IWF (PDIF), PDSN/HA and/or the access service network gateway (ASN of packet data gateway GW).PCEF 112 provides server data stream detection and counting and online and offline charging is mutual. PCEF 112 may be provided for connecting the strategy pressure of access network (IP-CAN) towards Internet protocol. The stream controlled based on charging is combined by PCRF 114 with policy decision function.PCRF 114 can be to PCEF 112 provides strategy and charging to control (PCC) rule, and the application on this network equipment Function (AF) notice flow plane event.Proxy CSCF 116 can serve as subscriber equipment (UE) First communication center of 110 and forward the sip message in network.P-CSCF 116 generates the detailed of charging Thin call record, keeps the security association with UE 110, and by application function (AF) come to PCRF 114 authorizes the service quality (QoS) of bearing resource.P-CSCF 116 may be provided for this locality Service (such as 411 service and emergency service), lawful intercept and the compression of SIP head portion.
Inquiry (Interrogation)-CSCF 118 can be as first between different operators network Contact.I-CSCF 118 forwards sip message also by this network, distributes S-CSCF to session, Generate the detailed call record (CDR) of charging, and provide topology hiding for network.Service-CSCF 120 as SIP registration person and provide IMS user authentication.S-CSCF 120 loads and orders from ownership The IMS user profiles of the person's of readding server (HSS), it is provided that individual's to individual (P2P) session and individual To the control of application (P2A) session, and the Service controll of sip application server.S-CSCF 120 Offer address translation is supported, generates charging CDR and lawful intercept.P-CSCF 116、I-CSCF 118 It is all typical Diameter client with S-CSCF 120.
Fig. 2 is the call flow diagram according to some embodiment.Diameter client 202 and first Diameter server 206 communicates, and the first Diameter server 206 is combining Diameter mirror image In the case of server 204, the session between Diameter client 202 is carried out mirror image.In step Rapid 208, Diameter client 202 is by servicing with authentication request message contact the oneth Diameter The unique session-id used in whole session is initiated Diameter session by device 206, offer.? Step 210, the first Diameter server 206 sets up (stateful) the Diameter session having state. In step 212, the first Diameter server 206 sends mirror to Diameter mirror image server 204 As request.Suitably shake hands generation, thus the first Diameter server 206 recognizes Diameter Mirror image server 204 is the most just performing mirror image.From this moment on, by the first Diameter server The 206 all Diameter message sending or receiving will be forwarded to Diameter mirror image server 204. These Diameter message can be come by the Diameter using the extension specified with supplier to combine Forward, or they can forward by using other agreement or communication means.Desirably when often After the Diameter message that bar enters arrives, forward this message immediately thus provide and take with Diameter The synchronization of business device.Diameter mirror image server 204 can respond from the first Diameter server The further Mirror Info of 206, it is also possible to be not responding to.
In step 214, Diameter server 206 responds initial Diameter request, and this is initial Diameter request can be that any Diameter made by Diameter client 202 asks message. Diameter server 206 can include authorizing vital stage AVP or session life in its response Phase AVP.Diameter server 206 comprises Diameter mirroring service also by sending to client Session mirror image (Session-Mirrored) AVP of the Hostname of device 204, notifies Diameter Client 202 current sessions is just mirrored.In certain embodiments, multiple mirror image servers can be by Selecting, in this case, all selected mirror image servers will be specified in session mirror image AVP. In certain embodiments, multiple session mirror image AVP can be provided by dns server.At this moment Need not the concrete response from Diameter client 202.But as shown in the step 216, If Diameter client 202 (being likely to be in both the buffers) storage receive about it Designated mirror server, then this Diameter client 202 may only between failover period utilize This information.In certain embodiments, in periodic holding activity (keep-alive) message or Incidentally (piggyback) its between Diameter client 202 and Diameter server 206 Period on its flow, Mirror Info can be sent more than once.Take at this stage Diameter mirror image Business device 204 generally will not directly contact Diameter client 202.
In step 218, Diameter server 206 breaks down, and Diameter mirroring service Device 204 is waken up and is replacing described Diameter in the active session of Diameter client 202 Server 206.Diameter mirror image server 204 can be noted that or detect that Diameter takes The fault of business device 206, or can be informed that this fault.In step 220, Diameter client Hold the fault detecting in normal course of communications at 202.Diameter client 202 accesses subsequently The information of the appointment Diameter mirror image server about it of step 216 storage, and in step 222 Failover process is initiated by contact Diameter mirror image server 204.This can use specific Fault Transfer Message accomplish, or it can be by by simply to Diameter server 206 Retransmit the nearest request with same session ID from Diameter client 202, come right Complete in the case of client software amendment minimum.As the result of mirror image, Diameter mirroring service Device 204 will be updated to up-to-date, and can respond appropriately to by continuing this session in step 224.
In certain embodiments, Diameter communication can occur across service supplier, such as, exist Gateway (PGW) on one service supplier and the policy, billing on another service supplier Between rule functional (PCRF).These can relate to PCRF and PGW across the situation of service supplier Between cross over the Diameter agent node of Gx interface based on Diameter between them.Generally pin These actions are made in safety and topology hiding.In one embodiment, mirror image can be by identical Diameter mirror image server in the network of service supplier or remote service provider Diameter mirror image server provides.By employ standard Diameter agent capability act on behalf of across The connection that the existing Diameter across service provider connects, uses remote service provider Diameter mirror image server is possible.
In some embodiments, it may be possible to substantial amounts of client and Diameter server occur.This In the case of, some clients can be mirrored onto a subset of Diameter server, and other Client can be mirrored onto another subset of Diameter server.Owing to being notified of client when it Master server fault time which mirror image server they should relate to, therefore this is possible. GL in some embodiments is to provide multiple Diameter mirror images for single client.These Multiple Diameter mirror images can be by using additional AVP or otherwise extended Diameter Application protocol, is relayed to Diameter client in the way of identical with aforesaid way.
Noting, explanation above describes the mirror image pattern that granularity is session level.This allow that based on Each session (and in certain embodiments, based on each client) select different mirror images.? In the presence of multiple mirror image servers, initially provide initial one group for one group of client session Mirror image server and availability when being subsequently based on session distribution to provide not to identical client One group of same mirror image server is possible.
Although this system needs not exist for mirror image that central management facility performs to occur and fault turns Move, but the centralized mirror image for distributing or provide mirror image server can be used in certain embodiments Table or coordination facility, thus when client provides or session provides, can be based on various standards (including mirror image server load and periodic maintenance) selects mirror image.
Fig. 3 depicts according to some embodiments, flow-chart form Diameter mirror image sight.Arrow 302 parts representing the flow chart during original Diameter server activities.Arrow 304 represents The part of the flow chart during Diameter mirror image server activity.In step 310, Diameter client End initiates Diameter utility cession.This utility cession can be any application type having state, bag Include but be not limited to strategy, certification, authorization and accounting application.This Diameter client can be any The equipment that can be communicated by Diameter, such as data packet services gateway (PGW), strategy Control rule functional (PCRF) or home subscriber server/mandate, certification and book keeping operation (HSS/AAA) server.Client produces unique and permanent session id, and this session id exists This step is sent to Diameter server.
In step 312, as applying initialized result, Diameter session is by based on pre-in peer Fixed configuration sets up between in client in the cluster and Diameter server.Previously The session id generated is retained in this server.In step 314, accept the Diameter clothes connected Business device creates upper and lower for this session combining at software and/or strong existing Diameter module Literary composition.This Diameter module instruct another Diameter module by cluster other One or more mirror images being selected for this session in Diameter peer server.Select permissible Occur based on various standards, include but not limited to: image load, network topology and safety or Network strategy.This selection can occur in Diameter mirror image selects subprogram or module.Once mirror As being specified for session, then Diameter server retains in Diameter mirror image data memorizer This information, this data storage is associated with at least session id (and being likely to and client id). In step 316, Mirror Info is included in in the response of peer by Diameter server subsequently.
Arriving step 314 subsequently, as arrow 304 reflects, Diameter mirror image server becomes Movable.Although original Diameter server and Diameter mirror image server are all movable, institute The Diameter session activation having the session id generated with client to be associated all is passed through network-copy To this Diameter mirror image server, and said two server is assumed it is to synchronize.Forward Can be performed at Diameter server by Diameter mirror module with mirroring activity.This Diameter The Diameter message that mirror image server needs are crossed from this Diameter server reception mirror image, and The data storage being associated with session id stores these message.This Diameter mirror image server is also Being not responding to this Diameter any request, these Diameter request possibly be present at from this Diameter In server, Diameter flow that mirror image is crossed;On the contrary, this Diameter mirror image server It is passive to remain.Shaking hands between this Diameter server and this Diameter mirror image server can To use Diameter application or to be realized by other means.If owing to this mirror image becomes Unavailable or other mirror image server is made available by or for other reasons, Diameter server selects Select another mirror image, then this Diameter server can be at any time by the list update of mirror image extremely visitor Family end, this client stores or updates this Mirror Info if necessary.
In step 318, client receives and caches Mirror Info until conversation end.Client is all right Update and update this Mirror Info when Mirror Info is updated by Diameter server.This can be by visitor The concrete Diameter mirror image number in the software module of Diameter or this client is realized on the end of family Make according to storehouse or data storage.In step 320, due to one or more reasons, Diameter Server fail, these reasons include but not limited to: link failure, software fault, resource limit System or hardware fault.In step 322, client detects fault by the one or more methods of use, These methods include but not limited to: link failure detection, protocol error detection, from the mistake of server Feedback or the error feedback from one or more intermediaries by mistake.Fault can be by concrete fault detect In software module or Diameter module on the client or Diameter realizes in device The rule existed detects.
In step 324, after fault being detected, client call Diameter mirror image selects module, In the Diameter mirror image server that access Diameter mirror image data memorizer and selection prestore One.This Diameter mirror image selects module can use various heuristic (heuristic) or calculate Method, includes but not limited to: selection based on priority, Path selection based on weight, based on load Selection and randomly choose.In step 326, once Diameter mirror image server is chosen, Diameter Mirror image selection module notes that the Diameter module in client to continue with new Diameter and takes The session of business device.This continuation can be spontaneous can also be should to require and initiate.This can be simple Ground is retransmitted by Diameter module and is sent the previous message with same session ID to make.
Fig. 4 is according to some embodiment, the functional block diagram of the Diameter server realizing mirror image. Diameter server 400 represents the Diameter realizing in hardware or software or their any combination The physical network nodes of server.This server can be mobile multimedia entity (MME), PCRF, HSS/AAA or realize Diameter service other network node.Network node 400 comprises multiple Processor 402 (1)-(n) and memorizer 404.Although this memorizer is shown as a square frame, but It is that it can be distributed on the multiple memorizeies in server 400.Diameter module is for net Network node 400 realizes Diameter service, and this includes independence to each independent dialogue Diameter example session.Each Diameter example session comprises session cache device 414 (1) ... 414 N (), described buffer comprises the information about Diameter session.
If session is by mirror image on the remote server, then the information about any mirror image of session will be by It is included in session cache device 414.Each Diameter example session 412 performs for this Diameter The essential service of session.If network node 400 is used as on remote network node (not shown) The effect of mirror image of Diameter session, then corresponding Diameter example session 412 will not provide Diameter services;On the contrary, session cache device 414 will comprise and be forwarded to from main Diameter server It, the complete documentation that communicates for all Diameters of this Diameter session, but network Node 400 will not make any action.When Diameter session start, or it is it desired to Diameter mirror image is for the session previously started, then Diameter mirror image selects module 416 to be called Select mirror image.The list of mirror image can select from image listing 418, and it can use DNS-SRV Or DNS NAPTR constitutes (populate).
As by shown in arrow 420, Diameter example session 412 (n) can directly and Diameter Client communication.But it is mirrored on long-range Diameter mirror image server (not shown) in session In the case of, all communications being sent to this Diameter client are also sent to Diameter mirror image Module 422, as by shown in arrow 424, Diameter mirror module 422 is to long-range Diameter Mirror image server forwards communication.When the Diameter of the entrance for the Diameter session being mirrored disappears When breath is received at arrow 420, these message can be copied into Diameter mirror module 422 (as shown in arrow 420a), the message copying that these are entered by Diameter mirror module 422 is extremely Remotely Diameter mirror image server (being illustrated by arrow 424 equally).By arrow 420,420a and 424 data paths described, and the data road between example session and Diameter mirror image server Footpath can realize in certain embodiments as STD bus or switch architecture.
Subscriber equipment and gateway
Above-described subscriber equipment can use multiple access technology to lead to multiple Radio Access Networks Letter, and can be with wireline communication network communication.Subscriber equipment can be to provide advanced ability (such as literary composition Word processing, website browsing, game, e-book, operating system and full keyboard) smart phone.With Family equipment can be at Blackberry, Windows of such as Symbian OS, iPhone OS, RIM Run in the operating system of Mobile, Linux, Palm WebOS and Android.Display screen can be The touch screen to mobile device input data can be used for, and this screen can be used to replace full keyboard. Subscriber equipment can have to run to be applied or leads to the application provided by the server in communication network The ability of letter.Subscriber equipment these application from this network can receive renewal and out of Memory.
Subscriber equipment also comprises other equipment much, such as can with the TV (TV) of network service, Projector, Set Top Box or set top unit, digital video recorder (DVR), computer, net book, Laptop computer and other audio/video devices any.Subscriber equipment can also be at its stack or deposit Reservoir preserves global positioning coordinates, profile information or other positional information.Subscriber equipment has this The memorizer of sample, such as computer-readable medium, flash memory, disc driver, CD drive, can Program read-only memory (PROM) and/or read only memory (ROM) etc..Subscriber equipment can be joined It is equipped with and processes instruction and run one or more process of the software can being stored in memorizer Device.Processor can also with memorizer and interface communication thus with miscellaneous equipment communication.Processor is permissible It is any applicable processor, such as, combines the SOC(system on a chip) of CPU, application processor and flash memory.Connect Mouth can realize in hardware or in software.Interface can be used to receive automatic network and local source Data and the information of control, such as, arrive the long-range control of TV.Subscriber equipment may be provided for various user Interface, such as keyboard, touch screen, trace ball, touch pad and/or mouse.Use in certain embodiments Family equipment can also include speaker and display device.
The most above-described unloading gateway realizes in a network device.This network equipment Multiple and different integrated functionalities can be realized.In certain embodiments, in following function Or multiple can realize on a network device, including security gateway (SEGW), access gateway, gateway Gateway GPRS supporting node (GGSN) (GGSN), Serving GPRS Support Node (SGSN), Grouped data IWF (PDIF), access service network gateway (ASNGW), user plane are real Body (UPE), IP gateway, Session initiation Protocol (SIP) server, agent call session control merit Can (P-CSCF), enquiry call conversation control function (I-CSCF), gateway (SGW) with And grouped data network gateway (PDN GW), Mobility Management Entity (MME), mobile access Gateway (MAG), HRPD gateway (HSGW), local mobile anchor (LMA), point Group data serving node (PDSN), Foreign Agent (FA) and/or home agent (HA).
In certain embodiments, in network equipment, the combination of hardware and software provides function.General firmly It is one or more that part can be configured to provide in a network in these proprietary features.Gateway is all right Supporting to be derived from the session of femto base station, use broadband network is connected to this gateway by this base station.Individual Or company can use femto base station to support one or more mobile node in family or company. This gateway can provide based on the traffic management during the handover from femto base station to macro base station Trigger, be simultaneous for mobile node and keep traffic management.Unloading gateway may be implemented as following item Combination in any, including: xGSN XGW, XGW-SGW and XGW-PGW.
In certain embodiments, network equipment is that the set using integrated circuit board or card realizes. These cards include the input/output interface for communicating each other, and at least one is used for performing to instruct also And run the processor storing module in memory, with for storing the memorizer of data.According to Some embodiments, the function realizing gateway of network equipment will be further described below.Fig. 5 shows Go out the network equipment implementation according to some embodiments.Network equipment 500 includes should for loading With the groove 502 of card and line card.Mid-plane (midplane) can be used in this network equipment to carry Connect and transmission path for the internal network device communication between the card of various installations, power.In this Between plane can include bus, such as switch architecture 505, control bus 506, System Management Bus, Redundant bus 508 and time division multiplexing (TDM) bus.Switch architecture 504 be for throughout The IP-based transmission path of the user data of whole network equipment, this network equipment is by application Set up intercard communication between card and line card and realize.Control bus 506 to interconnect in this network equipment Control and management processor.Network equipment management bus provides the management to systemic-function, as provided merit Rate, monitoring temperature, board state, data path errors, card reset and other failover features. Redundant bus 508 provides user data and redundant link when hardware fault.TDM bus pin is to system On voice service provide support.
The application card of network equipment support at least four type: exchange processor I/O card (SPIO) 510, system management card (SMC) 512, packet services card (PSC) 515 and packet accelerator Card (not shown).Other card being used in this network equipment includes line card 566 and Redundant Crossbar Cards (RCC) 518.When being loaded in a network device, line card 516 provides the input of this network and other device / output connects and redundancy link.Line card 516 includes via Ethernet, optical fiber and other communication media Interface to network.This allows to make by any one from network equipment of Redundant Crossbar Cards 518 Snap into the redundancy link of arbitrarily another card.SPIO card 510 is used as the controller of network equipment, and bears Duty such as initializes network equipment and software arrangements is loaded into the thing on other card of this network equipment Business.
System management card (SMC) 512 and switch processor card (not shown) are for managing and controlling The system of other card in network apparatus processed controls and management card.Packet accelerator card (PAC) and point Group service card (PSC) 514 provide the packet transaction between other affairs, context processing capabilities and Transfer capability.PAC and PSC 514 controls processor and network processing unit perform point by using Group processes operation.Network processing unit determines packet transaction requirement;Receive and send from/go to various The user data frame of physical interface;Make IP and forward decision;Realize packet filtering, stream inserts, deletion And amendment;Traffic management and traffic engineering;Revise/add/remove packet header;And manage line Card port and internal packet transportation.This control processor of also being located in packet accelerator card provide based on User's service processing of packet.
Operating system software can be based on the tool in Linux software kernel, and operational network device Body application (as monitored task) also provides protocol stack.This software allows network equipment resource by for control System and data path are respectively allocated.Such as, some packet accelerator card and packet services card can be special Door performs route or safety control function, and other packet accelerator card/packet services card special disposal is used Family session traffic.Along with the change of network requirement, can dynamically dispose hardware in certain embodiments Resource is to meet requirement.System can be virtualized the multiple example logic supporting service, such as skill Art function (such as SEGW PGW, SGW, MME, HSGW, PDSN, ASNGW, PDIF, HA or GGSN).
The software of network equipment can be divided into a series of task in execution concrete function ground.These tasks Intercommunication as desired, thus Compliance control and data message in whole described network equipment. Task is carried out the software process of the concrete function relevant to system control or Dialog processing.Real at some Execute in example, have the task operating of three types in network equipment: mission critical, controller task, Manager task.Mission critical controls to process the ability of calling (as at the beginning of network equipment with network equipment Beginningization, error detection and recovery tasks) relevant function.It is soft that controller task is covered from user The distribution property of part and perform all tasks described as follows: monitor the shape of one or more secondary manager State, it is provided that the manager intercommunication in same subsystem, and by with belong to other subsystem One or more controller communications enable subsystem internal communication.Manager task control system resource And keep the logical mappings between system resource.
The independent task operated on the processor in application card can be divided into subsystem.Subsystem It is such software element: it or execution specific tasks, or is the summit of other task multiple (culmination).Single subsystem can include that mission critical, controller task and management are had a high regard for Business.Some subsystems that can run on a network device include system initiation task subsystem, high Availability task subsystem, recovers control task subsystem, configuration sharing task subsystem, resource pipe Reason subsystem, virtual private network Network Subsystem, network processing unit subsystem, card/slot/port subsystem System and session subsystem.
System initiation task subsystem starts to perform one group of initiating task at system section start, and carries For single task (if necessary).High availability task subsystem and recovery control task System works together, thus by monitoring that the various software and hardware assemblies of network equipment keep this net The mode of operation of network device.Recover control task subsystem responsible for the event occurred in a network device Barrier performs recovery operation, and receives the recovery action from high availability task subsystem.Process Task is distributed in multiple examples of parallel running, if so expendable software error occurs, Then the whole disposal abilities for this task will not be lost.User conversation process can be grouped into meeting again Words set, if thus in a subgroup occur problem, then the user in another subgroup is not Can be affected by this problem.
This framework also allows for the inspection of process and points to (check-pointing), and this is a kind of protection system Resist any critical software process and be likely to occur the mechanism of fault.The selfreparing of software architecture (self-healing) attribute is by prediction fault and local volume production (spawn) mirrored procedure or across card System is protected on border, thus seldom or is continuing operation in the case of not having service disruption.This Unique framework permission system is while having guaranteed the integrity of accounting data, in highest level Perform and protect the data session of user in elasticity.
Configuration sharing task subsystem provides the network equipment with such ability: this network equipment can Arrange, retrieve and receive the notice of the configuration parameter change of network equipment, and be responsible for at this net That runs in network device should be for storing configuration data.Resource Manager Subsystem be responsible for Resources allocation (as Processor and memory capabilities) to task, and monitor the task use to resource.
The management of the entity that virtual private net (VPN) management subsystem is relevant to VPN and operation side Face, services including the IP creating the VPN context separated, start in VPN context, manages IP Pond and subscriber IP address and in VPN context, be distributed IP stream information.In some embodiments In, in a network device, in concrete VPN context, perform IP operation.Network processing unit System is responsible for many functions listed above of network processing unit.Card/slot/port subsystem responsible is assisted Adjust and (on newly inserted card, such as find and configure port with card activity, and determine how line card reflects It is mapped to application card) generation of relevant event.
In certain embodiments, session subsystem is responsible for the data stream of the mobile subscriber processing and monitoring. Dialog processing task for mobile data communication includes: such as, the S1/S5/S8 interface of LTE network Terminal, the A10/A11 interface termination of cdma network, GPRS and/or the GSM of UMTS network Tunnel protocol (GTP) terminal, async-ppp processes, and IPsec, IP forward and AAA service. The responsibility of each can be distributed between subtask (referred to as manager), thus provides more efficient place Reason and bigger redundancy.Separate conversation controller task be used as specification and monitor manager and and its The integrating control node of its active subsystem communication.This session subsystem also manages special user data Process, such as payload conversion, filtration, statistical information collection, strategy and scheduling.
In providing emulation, owing to MIPv4 is received from mobile node, session subsystem can be arranged The terminal of MIPv4 also arranges the PMIPv6 session towards core network.Session manager can follow the trail of meeting Words mapping and process thus the emulation between network and interaction are provided.Data base can also be used Carry out map information and store such as NAI, HOA and AE in certain embodiments between sessions Information.
Network equipment allows system resource by for controlling to be respectively allocated with data path.Such as, at it During its PAC/PSC special disposal user conversation flow, some PAC/PSC can perform route specially Or safety control function.Along with growth and the change of call model of network demand, can add hard Part resource meets the needs of the more process processing power, such as encryption, packet filtering etc..Fig. 6 shows Go out the logical view of the software architecture of the network equipment according to some embodiment.As it can be seen, this software Can be distributed in network equipment along different circuit boards, processor and memorizer with hardware.Fig. 6 Including host exchange processor card (SPC)/system management card (SMC) 600a, two grades of SPC/SMC 600b, PAC/PSC 602a 602d, communication path 604 and synchronous path 606.SPC/SMC 600 Including memorizer 608, processor 610, boot configuration 612, high availability task 614, resource pipe Reason device 616, switch architecture control 618 and controller task 620.
SPC/SMC 600 manages and controls network equipment, including other card in this network equipment. SPC/SMC 600 can be configured in provides redundancy and the main arrangement of failure safe protection and two grades of arrangements In.The module run on SPC/SMC 600 or task relate to the wide model of network equipment and control and management. Boot configuration task 612 includes for starting and the information of test network device.This network equipment also may be used To be configured to start in a different configuration and provide different implementation.Which these can include A little functions and service can run on SPC/SMC 600.High availability task 614 is filled by supervision Put and the effort of managing to resume is to maintain the running status of this network equipment, thus avoid in service Disconnected.Explorer is followed the trail of for session and demand on this network equipment and distributes available resources.This Different processor fortune can be included and operate in the load balance between the task on this network equipment. Process can meet the needs of network model and the requirement of detailed process to be distributed between system.Such as, Most tasks can be configured on SPC/SMC 600 or PAC/PSC 602 perform, and at some The task that reason device is concentrated can also perform across multiple PAC/PSC thus utilize multiple cpu resource. The distribution of these tasks is sightless for user.Switch architecture controls 618 control network equipments In communication path.Controller task module 620 can manage the task between the resource of network thus There is provided the service of such as VPN service etc, it is intended that port, create, delete and revise subscriber equipment Session.
PAC/PSC 602 be for packet transaction and with the various network functions provided on network equipment Relevant task and the high speed processing card that designs.PAC/PSC 602 includes memorizer 624, network processes Unit (NPU) 626, processor 628, hardware engine 630, encryption unit 632, compression member 634 and filter element 636.Hardware engine 630 can be deployed with card and support for compressing, classify stream Amount scheduling, forwarding, packet filtering and the parallel and distributed process of statistics compilation.In some embodiments In, these parts can provide ratio to use the general processor can more effectively special handling.
Each PAC/PSC 602 can support multiple environment.PAC/PSC 602 can also run various Task or module.PAC/PSC 602a provides routing manager 622, and each routing manager 622 covers Cover the route of not same area.PAC/PSC 602b provides session manager 638 and AAA manager 640. Session manager 638 manages one or more sessions of corresponding one or more subscriber equipment.Session is permitted Permitted subscriber equipment for audio call words and data and network service.AAA manager 640 manages network The book keeping operation of middle aaa server, certification and mandate.PAC/PSC 602 provides deep packet to check task 642 and signaling demultplexer (demux) 644.Deep packet check task 642 provide layer 4 it Outer grouping information inspection uses for network equipment and analyzes.Signaling demultplexer 644 is permissible The extensibility of service and other block combiner is provided.PAC/PSC 602d is carried by standby task 646 For redundancy.Standby task 646 stores status information and other mission bit stream, if thus card lost efficacy or If person has the event removing this card planned, then this standby task can replace appointing of activation immediately Business.
In some embodiments, it is desirable to include for realizing the software of process or data base: advanced procedures Or object-oriented language, such as C, C++, C#, Java or Perl.If desired, should Software can also realize with assembler language.In network equipment realize packet transaction can include any by The process that context determines.Such as, packet transaction can relate to High-Level Data Link Control (HDLC) Framing (framing), header suppression and/or encryption.In certain embodiments, this software is stored in On storage media or device, such as, can be read by universal or special processing unit thus perform described in this document Process read only memory (ROM), programmable read only memory (PROM), electric erasable can Program read-only memory (EEPROM), flash memory or disk.Processor may be configured to process and refers to Any microprocessor (monokaryon or multinuclear) of order, SOC(system on a chip) (SoC), microcontroller, numeral letter Number processor (DSP), Graphics Processing Unit (GPU), or other integrated circuit any, such as X86 microprocessor.
Although the disclosure has been described above and shows exemplary embodiments mentioned above, it is to be understood that make The disclosure solely for illustrative purposes, and in the case of without departing substantially from the spirit and scope of the disclosure The change in many details can be made, wherein the spirit of the disclosure and model with implementation of this disclosure Enclose and only limited by the claims below.Other embodiments is within the claims below.Such as, Diameter Image feature can combine or co-located with PDSN or other IMS gateway.

Claims (15)

1. a certificate server, this certificate server includes:
Memorizer;
Processor, described processor may operate to perform storage instruction in which memory;
Network interface, described network interface is by using authentication protocol and the Authentication Client on network Communication;
Authentication module, described authentication module is for being the independent certification meeting between described Authentication Client Words hold mode;And
Mirror module, described mirror module and described authentication module communication, described mirror module is configured For receiving certification message for described independent certification meeting from described authentication module and described Authentication Client Words, described mirror module is configured to the network of service supplier and forwards individually to certification mirror image Each in the certification message received, and described mirror module is configured from described service supplier Network on peer server pond in select described certification mirror image, thus the certification message of each arrival Once being sent arrival by described authentication module, be forwarded to provide Tong Bu with described mirror module, thus It is up-to-date for allowing described certification mirror image,
Wherein said instruction may operate to send described to described Authentication Client by authentication protocol message The identification information of certification mirror image, and for the certification message received of authen session by described certification Module forwards.
2. certificate server as claimed in claim 1, wherein said certificate server may operate to by Multiple client sessions are mirrored to multiple certification mirror image.
3. certificate server as claimed in claim 1, it is right that wherein said certificate server is configured to The request of the certification mirror image of the session crossed as the mirror image from peer server responds, and Described peer server replaces described peer server in the case of breaking down and restarts described mirror As the session crossed.
4. certificate server as claimed in claim 1, wherein said instruction may operate to creating institute When stating the new authen session between Authentication Client and described certificate server, peer server is elected as Mirror image.
5. certificate server as claimed in claim 1, this certificate server also includes being used as equity clothes The module of the mirror image of business device.
6. certificate server as claimed in claim 1, wherein said authentication protocol is based on Diameter Agreement.
7. certificate server as claimed in claim 1, wherein said certificate server is gateway In SGW, policy, billing and rule functional PCRF or CSCF CSCF one.
8. an authentication method, the method includes:
At the server initiating authentication application session, receive the authentication protocol from Authentication Client disappear Breath;
Authentication application session is set up between described Authentication Client and described server;
At least one mirror image server is selected for described authentication application session from peer server pond;
Configuration to independent authentication protocol message from described Authentication Client at least one mirror image server , uninterrupted and movable forwarding;
The mark about at least one mirror image server is sent to described Authentication Client in certification message Information, and described authentication application session processes by described server, thus described in allowing at least one Individual mirror image server maintains the up-to-date authentication state for described authentication application session.
9. method as claimed in claim 8, the method also includes receiving as from peer server The request of mirror image of authen session, and replace in the case of described peer server breaks down Described peer server and restart the session that mirror image is crossed.
10. method as claimed in claim 8, the method also includes being mirrored to multiple client sessions Multiple mirror image servers.
11. methods as claimed in claim 8, the method also includes keeping for each authen session The centralized list of mirror image server.
12. methods as claimed in claim 8, the method also includes findings that and stores and can be chosen as mirror image The address of peer server.
13. methods as claimed in claim 8, the method be additionally included in establishment described Authentication Client and During new authen session between certificate server, elect peer server as mirror image.
14. methods as claimed in claim 8, the method also includes the mirror as Peer Authentication server As server.
15. methods as claimed in claim 8, wherein said authentication protocol is based on Diameter Agreement, described identification information is IP address, and described server is gateway SGW, strategy meter Take and in rule functional PCRF or CSCF CSCF.
CN201180065706.0A 2010-11-23 2011-11-22 Redundancy and the system and method for fault transfer are provided Expired - Fee Related CN103329480B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US12/952,441 2010-11-23
US12/952,441 US8499336B2 (en) 2010-11-23 2010-11-23 Session redundancy among a server cluster
PCT/US2011/061907 WO2012071446A2 (en) 2010-11-23 2011-11-22 Session redundancy among a server cluster

Publications (2)

Publication Number Publication Date
CN103329480A CN103329480A (en) 2013-09-25
CN103329480B true CN103329480B (en) 2016-10-12

Family

ID=46065681

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201180065706.0A Expired - Fee Related CN103329480B (en) 2010-11-23 2011-11-22 Redundancy and the system and method for fault transfer are provided

Country Status (4)

Country Link
US (1) US8499336B2 (en)
EP (2) EP2643945B1 (en)
CN (1) CN103329480B (en)
WO (1) WO2012071446A2 (en)

Families Citing this family (36)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1932009B1 (en) * 2005-08-31 2014-02-12 T2 Biosystems, Inc. Nmr device for detection of analytes involving magnetic particles
WO2009134265A1 (en) * 2008-05-01 2009-11-05 Lucent Technologies Inc Message restriction for diameter servers
WO2010136699A2 (en) * 2009-05-29 2010-12-02 France Telecom Technique for distributing content to a user
US8725820B2 (en) * 2010-12-16 2014-05-13 Openet Telecom Ltd. Methods, systems and devices for horizontally scalable high-availability dynamic context-based routing
US20120207086A1 (en) * 2011-02-10 2012-08-16 Alcatel-Lucent Canada, Inc. Simultaneously supporting muliple 3gpp standard versions
US8756455B2 (en) 2011-11-17 2014-06-17 Microsoft Corporation Synchronized failover for active-passive applications
WO2013078558A1 (en) * 2011-11-28 2013-06-06 Jigsee Inc. Method of determining transport parameters for efficient data transport across a network
US10637918B2 (en) 2012-02-27 2020-04-28 Red Hat, Inc. Load balancing content delivery servers
US8964529B2 (en) * 2012-09-04 2015-02-24 Alcatel Lucent Fast acceptance of diameter peer failover
CN102883308B (en) * 2012-09-12 2015-08-19 大唐移动通信设备有限公司 A kind of Origin-State-Id AVP sending method based on Diameter and device
KR20140038846A (en) * 2012-09-21 2014-03-31 삼성전자주식회사 A method and apparatus for control maintenance of session for an application in a mobile communication system
EP2741471A1 (en) * 2012-12-07 2014-06-11 Alcatel Lucent Method, system and devices for content caching and delivering in IP networks
US9641603B2 (en) * 2012-12-31 2017-05-02 Radware, Ltd. Method and system for spooling diameter transactions
KR101492417B1 (en) * 2013-07-16 2015-02-12 (주)엔텔스 Failover method in system based on diameter protocol and system based on diameter protocol
US9235485B2 (en) 2013-07-22 2016-01-12 International Business Machines Corporation Moving objects in a primary computer based on memory errors in a secondary computer
GB2517766A (en) * 2013-08-31 2015-03-04 Metaswitch Networks Ltd Data processing
US9766992B2 (en) * 2013-10-31 2017-09-19 Sandisk Technologies Llc Storage device failover
GB2525637B (en) 2014-04-30 2021-03-31 Metaswitch Networks Ltd Message Processing
US9954815B2 (en) * 2014-09-15 2018-04-24 Nxp Usa, Inc. Domain name collaboration service using domain name dependency server
US10834054B2 (en) 2015-05-27 2020-11-10 Ping Identity Corporation Systems and methods for API routing and security
US10298539B2 (en) 2015-07-09 2019-05-21 Microsoft Technology Licensing, Llc Passive delegations and records
US9847932B2 (en) 2015-09-09 2017-12-19 Cisco Technology, Inc. Mobile gateway redundancy with active standby
US10855682B2 (en) 2016-01-22 2020-12-01 Hewlett Packard Enterprise Development Lp Virtual address for controller in a controller cluster
US10102087B2 (en) * 2016-02-19 2018-10-16 Oracle International Corporation Methods, systems, and computer readable media for detecting and managing suspect subscriber bindings
US10129867B2 (en) * 2016-04-29 2018-11-13 At&T Intellectual Property I, L.P. Universal peer-to-peer signaling network virtualization and orchestration
CN107766699A (en) * 2016-08-16 2018-03-06 新华三技术有限公司 A kind of authorized appropriation method and apparatus
CN106331074B (en) * 2016-08-17 2019-09-13 上海斐讯数据通信技术有限公司 A kind of certification switching method
US10681012B2 (en) 2016-10-26 2020-06-09 Ping Identity Corporation Methods and systems for deep learning based API traffic security
CN109005204B (en) * 2017-06-07 2021-08-20 腾讯科技(深圳)有限公司 Live broadcast processing method, device and system
US10412772B2 (en) 2017-08-08 2019-09-10 Oracle International Corporation Methods, systems, and computer readable media for using access point name (APN) independent subscriber bindings
EP4020282A1 (en) 2017-10-13 2022-06-29 Ping Identity Corporation Methods and apparatus for analyzing sequences of application programming interface traffic to identify potential malicious actions
US11048536B2 (en) * 2017-11-28 2021-06-29 Microsoft Technology Licensing, Llc High availability cloud service provision
US11451637B2 (en) * 2017-12-02 2022-09-20 Telefonaktiebolaget Lm Ericsson (Publ) Method for migration of session accounting to a different stateful accounting peer
WO2019155477A1 (en) * 2018-02-08 2019-08-15 Telefonaktiebolaget Lm Ericsson (Publ) A method for seamless migration of session authentication to a different stateful diameter authenticating peer
EP3678348A1 (en) 2019-01-04 2020-07-08 Ping Identity Corporation Methods and systems for data traffic based adpative security
JP2020201637A (en) * 2019-06-07 2020-12-17 京セラドキュメントソリューションズ株式会社 Information processing system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1878087A (en) * 2006-03-20 2006-12-13 华为技术有限公司 Service call session control function entity backup method and system thereof
CN101170553A (en) * 2006-10-24 2008-04-30 华为技术有限公司 Method and device for realizing Internet protocol multi-media sub-system disaster tolerance
CN101383725A (en) * 2007-09-28 2009-03-11 华为技术有限公司 IP multimedia subsystem and disaster tolerant resuming method

Family Cites Families (82)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5388099A (en) 1992-10-22 1995-02-07 Digital Equipment Corporation Backplane wiring for hub in packet data communications system
US5361249A (en) 1993-10-26 1994-11-01 Martin Marietta Corp. Fault tolerant switched communication system
US5436886A (en) 1994-07-14 1995-07-25 Northern Telecom Limited ATM switch in dual switch plane operation
US5631908A (en) 1995-03-28 1997-05-20 Digital Equipment Corporation Method and apparatus for generating and implementing smooth schedules for forwarding data flows across cell-based switches
US5787070A (en) 1995-06-21 1998-07-28 Cisco Technology, Inc. One for N redundancy in a communication system
US5790519A (en) 1995-10-26 1998-08-04 Dsc Communications Corporation Broadband digital cross-connect system architecture
US6356551B1 (en) 1997-02-14 2002-03-12 Advanced Micro Devices, Inc. Method and network switch having dual forwarding models with a virtual lan overlay
US20020010865A1 (en) 1998-01-30 2002-01-24 Christina E. Fulton Method and apparatus for remote office access management
AU3186599A (en) 1998-04-03 1999-10-25 Netcore Systems, Inc. High speed combination router-switch
US6351466B1 (en) 1998-05-01 2002-02-26 Hewlett-Packard Company Switching systems and methods of operation of switching systems
US6195705B1 (en) 1998-06-30 2001-02-27 Cisco Technology, Inc. Mobile IP mobility agent standby protocol
US6724756B2 (en) 1999-01-12 2004-04-20 Cisco Technology, Inc. Method for introducing switched virtual connection call redundancy in asynchronous transfer mode networks
US6973057B1 (en) 1999-01-29 2005-12-06 Telefonaktiebolaget L M Ericsson (Publ) Public mobile data communications network
DE19911369C2 (en) 1999-03-15 2003-04-03 Nanotron Ges Fuer Mikrotechnik Surface-wave converter device and identification system herewith
US6621810B1 (en) 1999-05-27 2003-09-16 Cisco Technology, Inc. Mobile IP intra-agent mobility
US6671271B1 (en) 1999-06-03 2003-12-30 Fujitsu Network Communications, Inc. Sonet synchronous payload envelope pointer control system
US6359858B1 (en) 1999-06-03 2002-03-19 Fujitsu Network Communications, Inc. Switching redundancy control
US6751191B1 (en) 1999-06-29 2004-06-15 Cisco Technology, Inc. Load sharing and redundancy scheme
US7161930B1 (en) 1999-06-30 2007-01-09 Cisco Technology, Inc. Common backplane for physical layer system and networking layer system
US6799204B1 (en) 1999-10-22 2004-09-28 Telcordia Technologies, Inc. Method and system for dynamic registration and configuration protocol
JP2001236257A (en) 2000-02-24 2001-08-31 Fujitsu Ltd Information storage device and method for updating subscriber's data and mobile communication system
US7002908B1 (en) 2000-02-28 2006-02-21 Telefonaktiebolaget Lm Ericsson (Publ) Interconnection link redundancy in a modular switch node
US6361249B1 (en) 2000-03-08 2002-03-26 Samian Investments Inc. Negative air pressure cover
FI20000574A (en) 2000-03-13 2001-09-14 Nokia Mobile Phones Ltd Load balancing in a communication system supporting IP mobility
US7173917B1 (en) 2000-03-31 2007-02-06 Nortel Networks Limited Unicast agent advertisement based on layer 2 and layer 3 motion detection
US8204082B2 (en) 2000-06-23 2012-06-19 Cloudshield Technologies, Inc. Transparent provisioning of services over a network
SE522271C2 (en) 2000-07-05 2004-01-27 Ericsson Telefon Ab L M Method and apparatus in switching node for a telecommunications system
US6795705B1 (en) 2000-10-31 2004-09-21 Utstarcom, Inc. Hot standby protocol for wireless devices
US7324500B1 (en) 2000-10-31 2008-01-29 Jeremy Benjamin As Receiver For Chiaro Networks Ltd. Router network protection using multiple facility interfaces
US6771623B2 (en) 2000-12-01 2004-08-03 Telefonaktiebolaget Lm Ericsson (Publ) Method for ensuring reliable mobile IP service
US7333482B2 (en) 2000-12-22 2008-02-19 Interactive People Unplugged Ab Route optimization technique for mobile IP
US7010715B2 (en) 2001-01-25 2006-03-07 Marconi Intellectual Property (Ringfence), Inc. Redundant control architecture for a network device
US7051109B1 (en) 2001-02-21 2006-05-23 Cisco Technology, Inc. Methods and apparatus for using SCTP to provide mobility of a network device
WO2002079905A2 (en) * 2001-04-02 2002-10-10 Akamai Technologies, Inc. Scalable, high performance and highly available distributed storage system for internet content
US7248597B2 (en) 2001-05-02 2007-07-24 Nvidia Corporation General purpose input/output controller
US6957251B2 (en) 2001-05-07 2005-10-18 Genworth Financial, Inc. System and method for providing network services using redundant resources
US7130276B2 (en) 2001-05-31 2006-10-31 Turin Networks Hybrid time division multiplexing and data transport
DE10128686A1 (en) 2001-06-13 2002-12-19 Philips Corp Intellectual Pty Virtual output queue packet switching unit uses port controller status information
GB0122451D0 (en) 2001-09-18 2001-11-07 2H Offshore Engineering Ltd Buoyancy apparatus
US20030073439A1 (en) 2001-10-17 2003-04-17 Wenzel Peter W. Home agent redundancy in a cellular system
US7227863B1 (en) 2001-11-09 2007-06-05 Cisco Technology, Inc. Methods and apparatus for implementing home agent redundancy
US6801975B1 (en) 2001-12-05 2004-10-05 Adaptec, Inc. Parallel SCSI host adapter and method for fast capture of shadow state data
US7284057B2 (en) 2002-02-27 2007-10-16 Cisco Technology, Inc. Methods and apparatus for Mobile IP Home Agent clustering
EP1357690B1 (en) 2002-03-27 2005-07-06 Lightmaze Solutions AG Intelligent optical network element
US7080151B1 (en) 2002-04-01 2006-07-18 Utstarcom, Inc. Method and system for mobile IP home agent redundancy by using home agent control nodes for managing multiple home agents
US20030200330A1 (en) 2002-04-22 2003-10-23 Maxxan Systems, Inc. System and method for load-sharing computer network switch
US7587498B2 (en) 2002-05-06 2009-09-08 Cisco Technology, Inc. Methods and apparatus for mobile IP dynamic home agent allocation
US7248560B1 (en) 2002-06-04 2007-07-24 Cisco Technology, Inc. Method and system for router redundancy in a wide area network
US7295511B2 (en) 2002-06-13 2007-11-13 Utstarcom, Inc. System and method for packet data serving node load balancing and fault tolerance
US7082130B2 (en) 2002-06-13 2006-07-25 Utstarcom, Inc. System and method for point-to-point protocol device redundancey
US7032135B2 (en) 2002-08-02 2006-04-18 Corrigent Systems Ltd. Equipment protection using a partial star architecture
US7558193B2 (en) 2002-08-12 2009-07-07 Starent Networks Corporation Redundancy in voice and data communications systems
US7269133B2 (en) 2002-09-03 2007-09-11 Jeremy Benjamin IS-IS high availability design
JP4111793B2 (en) 2002-09-26 2008-07-02 富士通株式会社 Relay system
US7489667B2 (en) 2002-11-08 2009-02-10 Faccin Stefano M Dynamic re-routing of mobile node support in home servers
US20040114510A1 (en) 2002-12-16 2004-06-17 Miller Frank W. Remote terminal multiplexer/de-multiplexer having protection bus
US20050207382A1 (en) 2003-05-19 2005-09-22 Akira Hirashima Home agent, mobile communications system, and load dispersing method
US7599285B2 (en) 2003-11-03 2009-10-06 Cisco Technology, Inc. Combined electro-mechanical and solid state switching fabric
CN100388805C (en) 2003-11-10 2008-05-14 华为技术有限公司 Data disaster tolerance method for attaching location registor
US7340169B2 (en) 2003-11-13 2008-03-04 Intel Corporation Dynamic route discovery for optical switched networks using peer routing
US7246256B2 (en) 2004-01-20 2007-07-17 International Business Machines Corporation Managing failover of J2EE compliant middleware in a high availability system
WO2005081447A1 (en) 2004-02-13 2005-09-01 Alcatel Wireless, Inc. Method and system for providing availability and reliability for a telecommunication network entity
JP2005269068A (en) 2004-03-17 2005-09-29 Fujitsu Ltd Home agent duplication method and apparatus thereof
US20050226148A1 (en) 2004-04-12 2005-10-13 Nortel Networks Limited Method and apparatus for enabling redundancy in a network element architecture
US7715310B1 (en) 2004-05-28 2010-05-11 Cisco Technology, Inc. L2VPN redundancy with ethernet access domain
US7827307B2 (en) 2004-09-29 2010-11-02 Cisco Technology, Inc. Method for fast switchover and recovery of a media gateway
US8028329B2 (en) * 2005-06-13 2011-09-27 Iamsecureonline, Inc. Proxy authentication network
US7953826B2 (en) 2005-07-14 2011-05-31 Cisco Technology, Inc. Provisioning and redundancy for RFID middleware servers
US7756548B2 (en) 2005-09-19 2010-07-13 Qualcomm Incorporated Methods and apparatus for use in a wireless communications system that uses a multi-mode base station
US7567791B2 (en) 2005-09-19 2009-07-28 Qualcomm Incorporated Wireless terminal methods and apparatus for use in a wireless communications system that uses a multi-mode base station
US7443786B2 (en) 2005-11-08 2008-10-28 Telefonaktiebolaget L M Ericsson (Publ) Apparatus and methods for home agent resiliency for mobile IPv4
US8223687B2 (en) 2005-11-23 2012-07-17 Cisco Technology, Inc. Method for providing home agent geographic redundancy via a service redundancy protocol
US8565070B2 (en) 2005-11-23 2013-10-22 Cisco Technology, Inc. System and method for active geographic redundancy
US8437305B2 (en) 2005-11-23 2013-05-07 Cisco Technology, Inc. Method for providing home agent geographic redundancy
US7903647B2 (en) 2005-11-29 2011-03-08 Cisco Technology, Inc. Extending sso for DHCP snooping to two box redundancy
US7835378B2 (en) 2006-02-02 2010-11-16 Cisco Technology, Inc. Root node redundancy for multipoint-to-multipoint transport trees
US8023479B2 (en) 2006-03-02 2011-09-20 Tango Networks, Inc. Mobile application gateway for connecting devices on a cellular network with individual enterprise and data networks
US20070240209A1 (en) 2006-04-05 2007-10-11 Lewis Adam C Session persistence on a wireless network
JP4909773B2 (en) * 2007-03-16 2012-04-04 日本電気株式会社 Home subscriber server configuration method, configuration system, program, and storage medium
US20080247308A1 (en) 2007-04-04 2008-10-09 Cisco Technology, Inc. Providing session redundancy using priority during a syncing process
US8004968B2 (en) 2008-12-24 2011-08-23 Cisco Technology, Inc. Provider edge-controlled redundancy using pseudo link aggregation control protocol
US8264956B2 (en) 2009-02-27 2012-09-11 Cisco Technology, Inc. Service redundancy in wireless networks

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1878087A (en) * 2006-03-20 2006-12-13 华为技术有限公司 Service call session control function entity backup method and system thereof
CN101170553A (en) * 2006-10-24 2008-04-30 华为技术有限公司 Method and device for realizing Internet protocol multi-media sub-system disaster tolerance
CN101383725A (en) * 2007-09-28 2009-03-11 华为技术有限公司 IP multimedia subsystem and disaster tolerant resuming method

Also Published As

Publication number Publication date
US8499336B2 (en) 2013-07-30
WO2012071446A2 (en) 2012-05-31
EP2643945A2 (en) 2013-10-02
EP2643945A4 (en) 2015-04-29
WO2012071446A3 (en) 2012-08-02
US20120131639A1 (en) 2012-05-24
EP3379802A1 (en) 2018-09-26
CN103329480A (en) 2013-09-25
EP2643945B1 (en) 2018-02-28

Similar Documents

Publication Publication Date Title
CN103329480B (en) Redundancy and the system and method for fault transfer are provided
EP3050258B1 (en) Methods, systems, and computer readable media for diameter load and overload information and virtualization
CN104581990B (en) Node selection in virtual evolution block core
JP5149899B2 (en) System and method for collapsed subscriber management and call control
CN103889004B (en) For selecting system, method and the medium of mobile management entity by enode b
CN102986283B (en) Utilize the multilayer paging support of paging priority
CN104902518B (en) The system and method for realizing reflective EPS carrying
US8811281B2 (en) Soft retention for call admission control in communication networks
EP2225663B1 (en) Providing services to packet flows in a network
CN102754409B (en) For the method for Diameter protocol harmonization, system and computer-readable medium
CN105282861B (en) System and method for implementing to carry callback service
CN105939527A (en) Congestion mitigation for roamers
Liang et al. A software defined security architecture for SDN-based 5G network
CN103108416B (en) A kind of IMS equipment and data processing method thereof
EP3656089B1 (en) Methods, systems, and computer readable media for operating a telecommunications network using an on-premises computing system and an off-premises cloud computing system
US20150358229A1 (en) Re-Routing of Diameter Commands
CN105764082B (en) Network element disaster recovery method and device
CN105162801A (en) Method for realizing independent recording of internet protocol (IP) terminal in conference mode
CN105451253B (en) A kind of policy control method and device, DRA, P-CSCF

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20161012

Termination date: 20211122

CF01 Termination of patent right due to non-payment of annual fee